// 鉴权白名单
const notWhiteListAPI = ['/collection', '/collectioned', '/posts', '/posts/cate']
module.exports = (options) => {
    return async (ctx, next) => {
        const isNotWhiteAPI = notWhiteListAPI.some(item => item == ctx.request.url)
        if (isNotWhiteAPI) {
            const token = ctx.request.header.authorization; // token码
            if (token) {
                const secret = ctx.request.config.jwt.secret; // 密匙
                const decoding = ctx.app.jwt.verify(token, secret) // 解密
                if(decoding){
                    await next()
                }else {
                    ctx.throw(403, "无效token！请重新登录！")
                }
            }else {
                ctx.throw(403, "请登录后访问")
            }
        }else{
            await next()
        }
    }
}